Create SSL Certificate for Apache


Posted by Jason Hardin on January 18, 2013

I wanted to record the process I use to generate self signed ssl certificates. I took it from http://www.akadia.com/services/ssh_test_certificate.html.

1
2
3
4
5
sudo openssl genrsa -des3 -out pma.key 1024
sudo openssl req -new -key pma.key -out pma.csr
sudo cp pma.key pma.key.org
sudo openssl rsa -in pma.key.org -out pma.key
sudo openssl x509 -req -days 3650 -in pma.csr -signkey pma.key -out pma.crt

Then my virtual host looks like:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
<VirtualHost *:80>
ServerAdmin admin@localhost.com
DocumentRoot "/var/www/baseapp_apm/app"
ServerName server
ServerAlias server
ErrorLog "/var/log/apache2/server-error.log"
CustomLog "/var/log/apache2/server-access.log" common
<Directory /var/www/baseapp_apm/app/server/>
Options FollowSymLinks
AllowOverride FileInfo
</Directory>
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin admin@localhost.com
DocumentRoot "/var/www/baseapp_apm/app"
ServerName server
ServerAlias server
ErrorLog "/var/log/apache2/server-error.log"
CustomLog "/var/log/apache2/server-access.log" common

<Directory /var/www/baseapp_apm/app/server/>
Options FollowSymLinks
AllowOverride FileInfo
</Directory>

SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "/etc/ssl/localcerts/server.crt"
SSLCertificateKeyFile "/etc/ssl/localcerts/server.key"
</VirtualHost>
</IfModule>